5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b

Analysis

max time kernel
54s
max time network
67s
platform
android_x86
resource
android-x86-arm-20240514-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20240514-enlocale:en-usos:android-9-x86system
submitted
22/05/2024, 08:29

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

Hoda TV NEW.apk
Size

17.0MB
MD5

c53693d288c5f5891d2a51290834d56a
SHA1

a86ca601046258565d0e26bcf5c57a781b208be0
SHA256

5cb1fdde075753692ebc51e12bd3e1b0617163c91cc817ee0c1195e93ad0e67b
SHA512

8bc659d6b1f00460c2d243a7403d23dab5f777d22c63915b9cc1a9d817e67e71028c58b53eec8fc0f8a25843f5bab4c0e8b43a172b8ca5ebfcb5a44ba253b80e
SSDEEP

393216:IveEHRFEKvZeGb1pJXYXpNp45O78QUFw5N:m9vEKv4U1pJXgPr2i5N

Score

7^/10

discovery evasion persistence

Malware Config

Signatures

Checks memory information 2 TTPs 1 IoCs

Checks memory information which indicate if the system is an emulator.

evasion discovery

System Checks

T1633.001

System Information Discovery

T1426

description	ioc	Process
File opened for read	/proc/meminfo	com.houdatv.app

Queries the mobile country code (MCC) 1 TTPs 1 IoCs

discovery

System Network Configuration Discovery

T1422

description	ioc	Process
Framework service call	com.android.internal.telephony.ITelephony.getNetworkCountryIsoForPhone	com.houdatv.app

Registers a broadcast receiver at runtime (usually for listening for system events) 1 TTPs 1 IoCs

persistence

Broadcast Receivers

T1624.001

description	ioc	Process
Framework service call	android.app.IActivityManager.registerReceiver	com.houdatv.app

Acquires the wake lock 1 IoCs

description	ioc	Process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.houdatv.app

Checks if the internet connection is available 1 TTPs 1 IoCs

discovery

System Network Connections Discovery

T1421

description	ioc	Process
Framework service call	android.net.IConnectivityManager.getActiveNetworkInfo	com.houdatv.app

com.houdatv.app
1⤵
- Checks memory information
- Queries the mobile country code (MCC)
- Registers a broadcast receiver at runtime (usually for listening for system events)
- Acquires the wake lock
- Checks if the internet connection is available
PID:4344

Network

MITRE ATT&CK Mobile v15

Initial Access

Execution

Persistence

Event Triggered Execution

T1624

Broadcast Receivers

T1624.001

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

T1633

System Checks

T1633.001

Credential Access

Discovery

System Information Discovery

T1426

System Network Configuration Discovery

T1422

System Network Connections Discovery

T1421

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
7237409e0640cfab7bdbd429bf821a3b

SHA1
4c3da934842f8d4835dfe2a9c275a300e5123309

SHA256
5c8e1b63d187efafe1e09bfadd83fd360176d689b57b5a0cc40e6854c12449fa

SHA512
c8afaf6a8ee43ce3601feff417bfaec563c01bcff0aae24577054034112b2020967f25b0b1a919c3c9e5e81d62a21a87e908b782c4d5cb8bba8ac259108e9c1f

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
3e66c2596ad3994e99b81835324e2c39

SHA1
249f54cb6fdd968e8848df9e5e33aaeca2be1045

SHA256
c0c21eccdfbc626777842b7798209a2b030760b0e7846c2e5658a4cbeba26f81

SHA512
dc175393b981590b59bb065ed92a42f922c900f5c1486e45f4c45e4840c0041e5d98407df089658d3214ecaf3ff1f5b68b07cc81cbc3d620288f97ccf8f5f2e8

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
64ca39bd3161bad82a91afc9e749625a

SHA1
0e9e0fc95f8cf6edadcc9e4774dd435a00281bba

SHA256
34983186586c16c07976f953a636321ec0e5223737f32317196366653645b9e1

SHA512
ea6a424be3e55638c37442c00da09a5133e06796ba2d6f2642e2b54a0b242395dc6de2f9540a407de14eb11851ff900b01b5d6fa4477030ed473b00d76dab9c9

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db

Filesize
16KB

MD5
c38907f956b1c0cab1b55ee10c1fb8d0

SHA1
cf28530ab02d4e4880c5084e1825e2f72295220a

SHA256
0b2d498645b69e673d34b6278a6fc93b9de786b6feedc5ab74fe276d3d49374e

SHA512
6fae747bea46f7d6105e84ba772107d0bece363f36758c437b3ce091d5636bdd8976f5d3801bf004f0bdc6deab40cf0e709423134e81573aab93d34dd987ef90

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-journal

Filesize
512B

MD5
dc34a55f9a138b4fdcbebc24758de878

SHA1
7bc54670f1a2367a269e2a54554d9f9aacee9f59

SHA256
c7ec8695915fb7c870d3d6c562856bbc97ba7285491a5aab6636c6a9309e5360

SHA512
7d5dab1545f888accd33648c58583b8d81c5c0f730b8b4f36604afc7687760ff246c77b702640a4f2a1ae401201e531b943c19fd8cb05fac00be76c4f2a81b59

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal

Filesize
36KB

MD5
cff4836bbb8e282209ccfc1ba5609532

SHA1
cf9a40c2ef51084dde4e3d1859f3cba9d4a78463

SHA256
bc3d8d6b72274c595573a9868784fc58c2d69b0c73686a9d99f56eaeb2bca9b1

SHA512
ccdd146f56d55cee04fabb70c2779a49e857848250b7c84e5d81c83db3dbc4214432ca020934cc2e1d42df4181af496b46746d93a01944dd04d086a54b43555a

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
183e12485b76b656899f25fd0b1b0841

SHA1
f33e978c9c2b7f47fdb22740a9bf096acdc6d15f

SHA256
c8762b889f701a78eb1950779fd832a2e9adbdf8da9e5a5730725ab268d4dd40

SHA512
a17b302486292ff0f66f171965888e728dbc940ab40c7c2cf8450dd1a16e2ef766be2d757f21c54da7933063112667d1ecd35afa37af9c87ba0e3fd91b413b64

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
d1673e59d856f32027c04c41ec880f5f

SHA1
dbeb3b3914bec78c2f3202be1c7d09b3b2b57025

SHA256
fc96a626642939d674c3d59fcf014406eb1a43b7a9f4524a8115b8a5653c0379

SHA512
87eba4895b074d46c54d9c5112de676a3e318eb5e399711e3f18591830e1edbe258804c93f215ee8cd824c49727cff00c3e25d3714f83ba06c088a5de2f74b9a

Download Submit
/data/data/com.houdatv.app/databases/google_app_measurement_local.db-wal

Filesize
4KB

MD5
476635c30e043567978b38475d0fe46e

SHA1
546ccf89a969e173809cd1754c433f60deb11e11

SHA256
cf794df1d1e4d091417f0c39e9fa77ad6875e90928446b6a60b92d8acbd0930d

SHA512
350fd95c8de7541aabe677f1a210504d33b7b0c393e6d43d57fc3e9fa9a58512c9f76d502829fa3a52632120623d769dc470a3298575d2dae935f8fee6aa0723

Download Submit
/data/data/com.houdatv.app/files/PersistedInstallation2815502881840258027tmp

Filesize
79B

MD5
756f69a9a5a47b5d83cf516bc0e3031a

SHA1
7eed532dbe6f14927ce4dc96458a40f9bae2bc33

SHA256
2dca88bba6f4f78a85015f6e8e5bcd3ff1f7020b21cf9eca972bfc98220eebf6

SHA512
72b69fffdd7aa5360991727906dfcb172fe138891a45313eb530b5eefaa15ad6b1b33535fb5c435a9b698f27ea319f77504dc0c2ca87ff6fa90d99195af3eca3

Download Submit
/data/data/com.houdatv.app/files/PersistedInstallation4131610224450106877tmp

Filesize
559B

MD5
61ae82e8b88bbffa29be414e4ece2f4c

SHA1
f18b3bd47f30c2d7fe1b30ab195b9755825889cb

SHA256
3eda554040e4f9be2bef90ce129227912c41bf97aafbf0284902728d87dfe0d8

SHA512
3150b954fd2ee332967e8e609795cad814ed8b5ff1c1e6bac8a6b4e69ef27124a4c4a517e21abd583650d541cce46c5ca47ea7779feb3b9dcc0ad2fd571bc7bc

Download Submit
/data/data/com.houdatv.app/files/vinebre_ac.txt

Filesize
19B

MD5
08c18f59d3e6910568a5db2e7c825eee

SHA1
afff2859b09b9eede9dd135dbc24470637d9307c

SHA256
5e8f5562b5dbec5bcfaa5596d1c6b217b497ecb0fa98675090d61863be3df01e

SHA512
12e6c5ff2475ce78979339ac632784721ff0daf38229197d5741161a8270896f536664077aa2f20bbd41b4706a56256ab619691db2bc979ea90eff1f4820bc79

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb

Filesize
4KB

MD5
f2b4b0190b9f384ca885f0c8c9b14700

SHA1
934ff2646757b5b6e7f20f6a0aa76c7f995d9361

SHA256
0a8ffb6b327963558716e87db8946016d143e39f895fa1b43e95ba7032ce2514

SHA512
ec12685fc0d60526eed4d38820aad95611f3e93ae372be5a57142d8e8a1ba17e6e5dfe381a4e1365dddc0b363c9c40daaffdc1245bd515fddac69bf1abacd7f1

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-journal

Filesize
512B

MD5
9cd03459e8f2ceb1a0621b274993a900

SHA1
74bce49ef74c54b03d8b4afbc3f6163474760117

SHA256
2bf0a90f41678a523e32f869a3299126b396d1a4be72ecf1cc51579bab2e4945

SHA512
54f6f805a72001692587470fd5bec2f042827e7b61c24c7d277bc567115d2a15e0520e90921320f7a5f398f285322e2bf6363a1e510c3a452382e43545a338cf

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-shm

Filesize
32KB

MD5
bb7df04e1b0a2570657527a7e108ae23

SHA1
5188431849b4613152fd7bdba6a3ff0a4fd6424b

SHA256
c35020473aed1b4642cd726cad727b63fff2824ad68cedd7ffb73c7cbd890479

SHA512
768007e06b0cd9e62d50f458b9435c6dda0a6d272f0b15550f97c478394b743331c3a9c9236e09ab5b9cb3b423b2320a5d66eb3c7068db9ea37891ca40e47012

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-wal

Filesize
16KB

MD5
02822f16bb3e4be1c97cf256e0830bda

SHA1
41c739a60c705ddcfe4800bd4cec181654e66c44

SHA256
abb04fc22d5c3ff64bddf855e00251c7b93aa2fcd243687e4c56643ef77a1722

SHA512
63d472caf04a697c7deb6cff57087774a3a7ebfff4b30c501e794c0e5e5d80df8634ecab64c186b6efb60c12d7eef5c3674fbfb1af2221a02a88b8c60f5cd5fd

Download Submit
/data/data/com.houdatv.app/no_backup/androidx.work.workdb-wal

Filesize
108KB

MD5
6699a900713cbb3b4180959944ad763b

SHA1
f6e03360e692b035e663bf1f3b4efe167fcc99e6

SHA256
f3e5983be32d6126dfd5f4aba2eb4c5bfedcfb26e426d5dbc7686a37332462cf

SHA512
e331de4032e868b7b8818c4cef84480bad8e3673e19fd16582e547bb6c3922991549c53e2dc6be3206b32af9c1c4008d96c12e330deb4291b415b3810059a217

Download Submit
/data/data/com.houdatv.app/no_backup/com.google.InstanceId.properties

Filesize
2KB

MD5
d2998f39645229c6e67ad6992a0d236d

SHA1
982fb065263936457dc8aa5b9d33489c8e73d417

SHA256
8df79d9941261d5326e2f06398636a0fd94b1465f1bc4f45a0dad804c3b271f3

SHA512
0a4339f4e89911588a6ad24bb6c22ead231c03f1036f33b92220c8b374aa9337fcd28ad937e1658b82f29da01023068c5a0f01778b8487c66cf37b55a7d1479d

Download Submit